NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
History

Tue, 17 Sep 2024 12:30:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft
Microsoft windows
Nvidia
Nvidia cloud Gaming
Nvidia geforce
Nvidia gpu Display Driver
Nvidia quadro
Nvidia rtx
Nvidia tesla
Nvidia virtual Gpu
CPEs cpe:2.3:a:nvidia:cloud_gaming:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows
Nvidia
Nvidia cloud Gaming
Nvidia geforce
Nvidia gpu Display Driver
Nvidia quadro
Nvidia rtx
Nvidia tesla
Nvidia virtual Gpu

Thu, 08 Aug 2024 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 08 Aug 2024 17:15:00 +0000

Type Values Removed Values Added
Description NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
Weaknesses CWE-125
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: nvidia

Published: 2024-08-08T16:57:49.154Z

Updated: 2024-08-08T18:36:36.982Z

Reserved: 2023-12-02T00:42:17.123Z

Link: CVE-2024-0107

cve-icon Vulnrichment

Updated: 2024-08-08T18:35:50.681Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-08T17:15:18.240

Modified: 2024-09-17T12:10:22.063

Link: CVE-2024-0107

cve-icon Redhat

No data.